In re: McGarvey et al. 
Serial No.: 09/921,536 
Filed: August 3, 2001 
Page 9 of 1 1 

REMARKS 

Applicants appreciate the detailed examination evidenced by the Final Office Action 
mailed August 4, 2005 (hereinafter "Final Action") and the Advisory Action mailed 
November 3, 2005 (hereinafter "Advisory Action"). Applicants further appreciate the 
courtesy extended by the Examiner during the telephonic interview of November 16, 2005. 
In response, Applicants have amended Claims 1, 26, 27, 28, 31, and 32 to clarify that the 
common nonce is provided to the plurality of servers, as suggested by the Examiner. 
Applicants respectfully submit that such a recitation is not taught by the cited references, as 
will be discussed in detail below. Also, the arguments from Applicants 1 Request for 
Reconsideration submitted October 4, 2004 are incorporated by reference herein. 
Accordingly, Applicants respectfully submit that pending Claims 1-32 are patentable over the 
cited references for at least the reasons discussed below. 

Interview Summary 

During the telephone interview of November 16, 2005, the present amendments to the 
claims were discussed with the Examiner. More particularly, in Claim 1 , the language 
"providing the signed common nonce as a signature for transactions from the client to the 
plurality of servers" has been re-worded to recite "providing the signed common nonce to the 
plurality of servers as a signature for transactions", to clarify that the signed common nonce 
itself is provided to the plurality of servers. Claims 26 and 27, which are system and 
computer program product analogs of method Claim 1, have been similarly amended. 
Likewise, Claims 28, 31, and 32 have been amended to recite receiving "a common nonce 
that is provided to each of the plurality of servers". Applicants submit that these amendments 
are fully supported by the present specification, and as such, no new matter has been added. 
The reasons for patentability of the amended claims in view of the cited references will be 
described in detail below. 

Independent Claims 1, 26-28, 31 and 32 Are Patentable Over Brezak and Ganesan 

Independent Claims 1, 26-28, 31 and 32 stand rejected under 35 U.S.C. § 103(a) as 

obvious over U.S. Patent Application Publication No. 2003/0018913 to Brezak et al. 
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(hereinafter "Brezak") in view of U.S. Patent 5,535,276 to Ganesan (hereinafter "Ganesan"). 
Claim 1 as amended recites: 

A method for a middle-tier server to impersonate a client to a plurality of 
servers, the method comprising: 

obtaining a common nonce associated with each of the plurality of servers 
from an entity other than the client or the plurality of servers; 

providing the common nonce to the client; 

receiving the common nonce signed by the client at the middle-tier server; and 
providing the signed common nonce to the plurality of servers as a signature 
for transactions so as to authenticate the client to the plurality of servers. 

(Emphasis added). Applicants respectfully submit that the combination of Brezak and 

Ganesan fails to disclose or suggest providing the same common nonce to a plurality of 

servers in order to authenticate a client to the plurality of servers. 

Brezak appears to be directed to controlling delegation of authentication credentials 

by providing a service ticket including a "forwardable flag" that indicates that the client has 

authorized the delegation. See Brezak, Paragraph 0046. As shown in Figures 2, 3A, and 3B 

of Brezak, clients 202 and/or 302 may access a plurality of servers B 212, C 214, and D 216 

via a server A 210. See Brezak, Figs. 2-3B. More particularly, as described in Brezak, when 

server A 210 seeks to access another server on behalf of client 302: 

[S]erver A 210 sends a TGS_REQ message 306 to authentication service 206 
requesting a service ticket to itself for client 302. In response, authentication service 
206 generates a TGS_REP message 308 that includes the requested service ticket. The 
received service ticket is then used in a subsequent S4U2proxy protocol/procedure to 
request a service ticket to server C 214 for client 302. 

See Brezak, Paragraph 0055 (Emphasis added). 

Accordingly, Brezak appears to describe an authentication procedure using two 
service tickets. The first service ticket is received at server A 210 from the authentication 
service 206, and is used to request another service ticket to server C 214. As such, 
Applicants submit that even were the service tickets of Brezak to be considered a "common 
nonce" as recited by Claim 1 , nowhere does Brezak appear to disclose or suggest providing 
the same service ticket to each of the plurality of servers A 210, B 212, C 214, and D 216. 
Thus, Brezak does not appear to disclose or suggest providing one common nonce, signed or 
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otherwise, "to the plurality of servers. . .so as to authenticate the client to the plurality of 
servers", as recited by Claim 1 as amended. 

Nor is Ganesan relied upon to disclose such a recitation. Rather, Ganesan appears to 
be directed to split private key asymmetric cryptography, and is relied upon to show that a 
message, including a ticket to access a server 50, is encrypted/signed and then verified to 
authenticate the client to the server 50. See Final Action, Page 3 and Ganesan, Col. 5, lines 
34-56 and Col. 15, lines 52-54. 

Accordingly, Applicants submit neither Brezak nor Ganesan appear to disclose or 
suggest "providing the signed common nonce to the plurality of servers", as recited by Claim 
1 as amended. Thus, Claim 1 is patentable over the combination of Brezak and Ganesan. 
Claims 26 and 27 contain similar recitations, and are thus patentable for similar reasons. In 
addition, Claims 28, 31, and 32 similarly recite receiving "a common nonce that is provided 
to each of the plurality of servers", and as such, are patentable for at least similar reasons. 
Also, dependent claims 2-25 and 29-30 are patentable at least per the patentability of Claims 
1 and 28 from which they respectively depend. 

Conclusion 

Accordingly, based on the amendments and remarks provided above, Applicants 
submit that pending Claims 1-32 are in condition for allowance, which is respectfully 
requested. Applicants encourage the Examiner to contact the undersigned by telephone to 
resolve any remaining issues. 
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